diff options
| author | Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> | 2015-10-30 08:57:02 -0400 |
|---|---|---|
| committer | Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> | 2015-11-09 10:52:55 -0500 |
| commit | 2e31125c241212e2407d61a2d1cbdad0055a30b0 (patch) | |
| tree | 05e79124d15a123b780969a00a6af7218ab2df7e /drivers/char | |
| parent | b1a4144a695ff4a6834a2680600f36f991fa4926 (diff) | |
tpm: fix missing migratable flag in sealing functionality for TPM2
The 'migratable' flag was not added to the key payload. This patch
fixes the problem.
Fixes: 0fe5480303a1 ("keys, trusted: seal/unseal with TPM 2.0 chips")
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Acked-by: Peter Huewe <PeterHuewe@gmx.de>
Diffstat (limited to 'drivers/char')
| -rw-r--r-- | drivers/char/tpm/tpm2-cmd.c | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c index bd7039fafa8a..c12130485fc1 100644 --- a/drivers/char/tpm/tpm2-cmd.c +++ b/drivers/char/tpm/tpm2-cmd.c | |||
| @@ -443,12 +443,13 @@ int tpm2_seal_trusted(struct tpm_chip *chip, | |||
| 443 | TPM_DIGEST_SIZE); | 443 | TPM_DIGEST_SIZE); |
| 444 | 444 | ||
| 445 | /* sensitive */ | 445 | /* sensitive */ |
| 446 | tpm_buf_append_u16(&buf, 4 + TPM_DIGEST_SIZE + payload->key_len); | 446 | tpm_buf_append_u16(&buf, 4 + TPM_DIGEST_SIZE + payload->key_len + 1); |
| 447 | 447 | ||
| 448 | tpm_buf_append_u16(&buf, TPM_DIGEST_SIZE); | 448 | tpm_buf_append_u16(&buf, TPM_DIGEST_SIZE); |
| 449 | tpm_buf_append(&buf, options->blobauth, TPM_DIGEST_SIZE); | 449 | tpm_buf_append(&buf, options->blobauth, TPM_DIGEST_SIZE); |
| 450 | tpm_buf_append_u16(&buf, payload->key_len); | 450 | tpm_buf_append_u16(&buf, payload->key_len + 1); |
| 451 | tpm_buf_append(&buf, payload->key, payload->key_len); | 451 | tpm_buf_append(&buf, payload->key, payload->key_len); |
| 452 | tpm_buf_append_u8(&buf, payload->migratable); | ||
| 452 | 453 | ||
| 453 | /* public */ | 454 | /* public */ |
| 454 | tpm_buf_append_u16(&buf, 14); | 455 | tpm_buf_append_u16(&buf, 14); |
| @@ -573,6 +574,8 @@ static int tpm2_unseal(struct tpm_chip *chip, | |||
| 573 | u32 blob_handle) | 574 | u32 blob_handle) |
| 574 | { | 575 | { |
| 575 | struct tpm_buf buf; | 576 | struct tpm_buf buf; |
| 577 | u16 data_len; | ||
| 578 | u8 *data; | ||
| 576 | int rc; | 579 | int rc; |
| 577 | 580 | ||
| 578 | rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_UNSEAL); | 581 | rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_UNSEAL); |
| @@ -591,11 +594,13 @@ static int tpm2_unseal(struct tpm_chip *chip, | |||
| 591 | rc = -EPERM; | 594 | rc = -EPERM; |
| 592 | 595 | ||
| 593 | if (!rc) { | 596 | if (!rc) { |
| 594 | payload->key_len = be16_to_cpup( | 597 | data_len = be16_to_cpup( |
| 595 | (__be16 *) &buf.data[TPM_HEADER_SIZE + 4]); | 598 | (__be16 *) &buf.data[TPM_HEADER_SIZE + 4]); |
| 599 | data = &buf.data[TPM_HEADER_SIZE + 6]; | ||
| 596 | 600 | ||
| 597 | memcpy(payload->key, &buf.data[TPM_HEADER_SIZE + 6], | 601 | memcpy(payload->key, data, data_len - 1); |
| 598 | payload->key_len); | 602 | payload->key_len = data_len - 1; |
| 603 | payload->migratable = data[data_len - 1]; | ||
| 599 | } | 604 | } |
| 600 | 605 | ||
| 601 | tpm_buf_destroy(&buf); | 606 | tpm_buf_destroy(&buf); |